Date: Mon, 31 May 1999 22:10:49 -0700 (PDT) From: Doug White <dwhite@resnet.uoregon.edu> To: Ho Seng Yip <hsengyip@singnet.com.sg> Cc: FreeBSD Questions <freebsd-questions@FreeBSD.ORG> Subject: Re: Web Authentication Message-ID: <Pine.BSF.4.03.9905312159360.4498-100000@resnet.uoregon.edu> In-Reply-To: <016d01bea9da$235fd400$10a815a5@oasis>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 29 May 1999, Ho Seng Yip wrote:
> I am not too sure if this is possible but has anyone tried writing a perl
> script which is able to authenticate a user via web using the password of
> his shell account ?
Oh, this is _EASY_. Untested, but easy.
#!/usr/local/bin/perl5
#Script to authenticate Web users. Assumes username is on paramenter
# 'name', password on 'passwd'.
#
# DANGER: This is VERY INSECURE since it gives passwords in the clear.
# Use SSL and POST method, or better yet, don't use at all.
use CGI qw/:standard :html3/;
use User::pwent;
$q = new CGI;
print header;
$passwd = $q->param{'passwd'};
$orig = pwent($q->param{'name'})->passwd;
$try = crypt $passwd, $orig;
if($orig eq $try) {
print "Welcome aboard\n";
} else {
print "Wrong password, fool!\n";
}
Doug White
Internet: dwhite@resnet.uoregon.edu | FreeBSD: The Power to Serve
http://gladstone.uoregon.edu/~dwhite | www.freebsd.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.03.9905312159360.4498-100000>